diff options
Diffstat (limited to 'php.ini-production')
-rw-r--r-- | php.ini-production | 41 |
1 files changed, 20 insertions, 21 deletions
diff --git a/php.ini-production b/php.ini-production index c39de742db..d78cdcbe41 100644 --- a/php.ini-production +++ b/php.ini-production @@ -78,9 +78,9 @@ ; compatibility with older or less security conscience applications. We ; recommending using the production ini in production and testing environments. -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to ; application users can inadvertently leak otherwise secure information. ; This is php.ini-production INI file. @@ -433,7 +433,7 @@ memory_limit = 128M ; E_NOTICE - run-time notices (these are warnings which often result ; from a bug in your code, but it's possible that it was ; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an +; relying on the fact it is automatically initialized to an ; empty string) ; E_STRICT - run-time notices, enable to have PHP suggest changes ; to your code which will ensure the best interoperability @@ -466,8 +466,8 @@ error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT ; it could be very dangerous in production environments. Depending on the code ; which is triggering the error, sensitive information could potentially leak ; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. ; Possible Values: ; Off = Do not display any errors ; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) @@ -481,8 +481,8 @@ display_errors = Off ; The display of errors which occur during PHP's startup sequence are handled ; separately from display_errors. PHP's default behavior is to suppress those ; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. ; Default Value: Off ; Development Value: On ; Production Value: Off @@ -780,8 +780,8 @@ enable_dl = Off ;fastcgi.logging = 0 ; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send ; RFC2616 compliant header. ; Default is zero. ; http://php.net/cgi.rfc2616-headers @@ -884,8 +884,7 @@ default_socket_timeout = 60 ;extension=php_exif.dll ; Must be after mbstring as it depends on it ;extension=php_mysql.dll ;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11gR2 Instant Client +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client ;extension=php_openssl.dll ;extension=php_pdo_firebird.dll ;extension=php_pdo_mysql.dll @@ -1380,9 +1379,9 @@ session.save_handler = files ; ; where N is an integer. Instead of storing all the session files in ; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. ; ; NOTE 1: PHP will not create this directory structure automatically. ; You can use the script in the ext/session dir for that purpose. @@ -1417,7 +1416,7 @@ session.use_cookies = 1 ; This option forces PHP to fetch and use a cookie for storing and maintaining ; the session id. We encourage this operation as it's very helpful in combating ; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. +; not the be-all and end-all of session hijacking defense, but it's a good start. ; http://php.net/session.use-only-cookies session.use_only_cookies = 1 @@ -1490,14 +1489,14 @@ session.gc_maxlifetime = 1440 ; PHP 4.2 and less have an undocumented feature/bug that allows you to ; to initialize a session variable in the global scope. -; PHP 4.3 and later will warn you, if this feature is used. +; PHP 4.3 and later will warn you if this feature is used. ; You can disable the feature and the warning separately. At this time, ; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you +; introduces some serious security problems if not handled correctly. We +; recommend you not use this feature on production servers. You ; should enable this on development servers and enable the warning as well. If you ; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. +; used, so debugging errors caused by this can be difficult to track down. ; Default Value: On ; Development Value: On ; Production Value: Off @@ -1542,7 +1541,7 @@ session.cache_limiter = nocache session.cache_expire = 180 ; trans sid support is disabled by default. -; Use of trans sid may risk your users security. +; Use of trans sid may risk your users' security. ; Use this option with caution. ; - User may send URL contains active session ID ; to other person via. email/irc/etc. |